Added ability to use an alternate password for sudo interactive passw…
…ord prompt.
xebialabs-se committed Jan 2, 2014
1 parent 91218de commit c4ebd70
Showing 3 changed files with 21 additions and 5 deletions.
10 changes: 8 additions & 2 deletions README.md
@@ -255,6 +255,12 @@ The SSH protocol implementation of Overthere defines a number of additional conn
<br/>
<strong>N.B.:</strong> This connection option is only applicable for the <strong>SUDO</strong> and <strong>INTERACTIVE_SUDO</strong> connection types.</td>
</tr>
<tr>
<th align="left" valign="top"><a name="ssh_sudoInteractivePassword"></a>sudoInteractivePassword</th>
<td>Specifies the password to use for keyboard-interactive password prompts resulting from executing commands having a <a href="#ssh_sudoCommandPrefix"><strong>sudoCommandPrefix</strong></a> that require a different password to that used to establish the connection. Example <code>su - privilegeduser -c 'start server1'</code>. When empty, the default password used for making the connection is used.
<br/>
<strong>N.B.:</strong> This connection option is only applicable for the <strong>INTERACTIVE_SUDO</strong> connection type.</td>
</tr>
<tr>
<th align="left" valign="top"><a name="ssh_privateKeyFile"></a>privateKeyFile</th>
<td>The RSA private key file to use when connecting to the remote host. When this connection option is specified, the <strong>password</strong> connection option is ignored.</td>
@@ -280,7 +286,7 @@ The SSH protocol implementation of Overthere defines a number of additional conn
</tr>
<tr>
<th align="left" valign="top"><a name="ssh_sudoCommandPrefix"></a>sudoCommandPrefix</th>
<td>The command to prefix to the command to be executed to execute it as <strong>sudoUsername</strong>. The string <code>{0}</code> is replaced with the value of <strong>sudoUsername</strong>. The default value is <code>sudo -u {0}</code>.
<td>The command to prefix to the command to be executed to execute it as <strong>sudoUsername</strong>. The string <code>{0}</code> is replaced with the value of <strong>sudoUsername</strong>. The default value is <code>sudo -u {0}</code>.
<br/>
<strong>N.B.:</strong> This connection option is only applicable for the <strong>SUDO</strong> and <strong>INTERACTIVE_SUDO</strong> connection types.</td>
</tr>
@@ -310,7 +316,7 @@ The SSH protocol implementation of Overthere defines a number of additional conn
</tr>
<tr>
<th align="left" valign="top"><a name="ssh_sudoQuoteCommand"></a>sudoQuoteCommand</th>
<td>If set to <code>true</code>, the original command is added as one argument to the prefix configured with the <code>sudoCommandPrefix</code> connection option. This has the result of quoting the original command, which is needed for commands like <code>su</code>. Compare <code>sudo -u privilegeduser start server1</code> to <code>su privilegeduser 'start server1'</code>. The default value is <code>false</code>.
<td>If set to <code>true</code>, the original command is added as one argument to the prefix configured with the <code>sudoCommandPrefix</code> connection option. This has the result of quoting the original command, which is needed for commands like <code>su</code>. Compare <code>sudo -u privilegeduser start server1</code> to <code>su privilegeduser -c 'start server1'</code>. The default value is <code>false</code>.
<br/>
<strong>N.B.:</strong> This connection option is only applicable for the <strong>SUDO</strong> and <strong>INTERACTIVE_SUDO</strong> connection types.</td>
</tr>
@@ -125,6 +125,12 @@ public class SshConnectionBuilder implements OverthereConnectionBuilder {
*/
public static final String SUDO_USERNAME = "sudoUsername";

/**
* Connection option (String) that specifies an alternate password to use for the password prompt for
* {@link SshConnectionType#INTERACTIVE_SUDO INTERACTIVE_SUDO} SSH connections. When empty, the default password used for making the connection is used.
*/
public static final String SUDO_INTERACTIVE_PASSWORD = "sudoInteractivePassword";

/**
* Connection option (Boolean) that specifies whether or not to explicitly change the permissions with chmod -R
* go+rX after uploading a file or directory with scp. Also see {@link #SUDO_OVERRIDE_UMASK_COMMAND}.
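Review bot: The new `SUDO_INTERACTIVE_PASSWORD` key holds a credential, and its Javadoc does not say so; nothing in this hunk shows whether connection options are masked when they are logged or printed. If the project hides the connection password in such output, this key presumably needs the same treatment, since it can carry the password of a more privileged account than the login one. I would add a Javadoc line such as `This option holds a secret; its value must not be logged.` The class body continues outside the hunk, so existing masking may already cover it.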
@@ -34,6 +34,7 @@
import java.io.InputStream;

import static com.google.common.base.Preconditions.checkArgument;
import static com.xebialabs.overthere.ssh.SshConnectionBuilder.SUDO_INTERACTIVE_PASSWORD;
import static com.xebialabs.overthere.ssh.SshConnectionBuilder.SUDO_PASSWORD_PROMPT_REGEX;
import static com.xebialabs.overthere.ssh.SshConnectionBuilder.SUDO_PASSWORD_PROMPT_REGEX_DEFAULT;

@@ -44,14 +45,17 @@ class SshInteractiveSudoConnection extends SshSudoConnection {

private String passwordPromptRegex;

private String sudoInteractivePassword;

private static final String OVERRIDE_ALLOCATE_PTY = "vt220:80:24:0:0";

public SshInteractiveSudoConnection(String type, ConnectionOptions options, AddressPortMapper mapper) {
super(type, options, mapper);
passwordPromptRegex = options.get(SUDO_PASSWORD_PROMPT_REGEX, SUDO_PASSWORD_PROMPT_REGEX_DEFAULT);
this.sudoInteractivePassword = options.get(SUDO_INTERACTIVE_PASSWORD, password);
this.passwordPromptRegex = options.get(SUDO_PASSWORD_PROMPT_REGEX, SUDO_PASSWORD_PROMPT_REGEX_DEFAULT);
checkArgument(!passwordPromptRegex.endsWith("*"), SUDO_PASSWORD_PROMPT_REGEX + " should not end in a wildcard");
checkArgument(!passwordPromptRegex.endsWith("?"), SUDO_PASSWORD_PROMPT_REGEX + " should not end in a wildcard");
checkArgument(password != null, "Cannot start a ssh:%s: connection without a password", sshConnectionType.toString().toLowerCase());
checkArgument(sudoInteractivePassword != null, "Cannot start a ssh:%s: connection without a password", sshConnectionType.toString().toLowerCase());
if (!allocateDefaultPty && allocatePty == null) {
logger.warn("An ssh:{}: connection requires a pty, allocating a pty with spec [" + OVERRIDE_ALLOCATE_PTY +"].", sshConnectionType.toString().toLowerCase());
allocatePty = OVERRIDE_ALLOCATE_PTY;
@@ -63,7 +67,7 @@ protected SshProcess createProcess(final Session session, final CmdLine commandL
return new SshProcess(this, os, session, commandLine) {
@Override
public InputStream getStdout() {
return new SshInteractiveSudoPasswordHandlingStream(super.getStdout(), getStdin(), password, passwordPromptRegex);
return new SshInteractiveSudoPasswordHandlingStream(super.getStdout(), getStdin(), sudoInteractivePassword, passwordPromptRegex);
}
};
}
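Review bot: An explicitly empty `sudoInteractivePassword` does not obviously fall back to the connection password, although the README and the constant's Javadoc both say "When empty, the default password used for making the connection is used". In the constructor, `options.get(SUDO_INTERACTIVE_PASSWORD, password)` presumably applies its default only when the key is absent (the semantics of `ConnectionOptions.get` are not visible here), and the following `checkArgument` rejects only `null`, so an empty string would be handed to `SshInteractiveSudoPasswordHandlingStream` and sent at the prompt. Either normalise it before the check, e.g. `if (sudoInteractivePassword == null || sudoInteractivePassword.isEmpty()) { sudoInteractivePassword = password; }`, or change the docs to say "when not set". The check's message still reads "without a password" and could name the option that is missing. The constructor's closing lines are outside the hunk.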